KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > javax > security > auth > kerberos > KeyImpl


1 /*
2  * @(#)KeyImpl.java 1.13 04/04/01
3  *
4  * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
5  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
6  */
7
8 package javax.security.auth.kerberos;
9
10 import java.io.*;
11 import java.util.Arrays JavaDoc;
12 import javax.crypto.SecretKey;
13 import javax.security.auth.Destroyable JavaDoc;
14 import javax.security.auth.DestroyFailedException JavaDoc;
15 import sun.misc.HexDumpEncoder;
16 import sun.security.krb5.Asn1Exception;
17 import sun.security.krb5.PrincipalName;
18 import sun.security.krb5.EncryptionKey;
19 import sun.security.krb5.EncryptedData;
20 import sun.security.krb5.KrbException;
21 import sun.security.krb5.KrbCryptoException;
22 import sun.security.util.DerValue;
23
24 /**
25  * This class encapsulates a Kerberos encryption key. It is not associated
26  * with a principal and may represent an ephemeral session key.
27  *
28  * @author Mayank Upadhyay
29  * @version 1.13, 04/01/04
30  * @since 1.4
31  *
32  * @serial include
33  */
34 class KeyImpl implements SecretKey, Destroyable JavaDoc, Serializable {
35
36     private static final long serialVersionUID = -7889313790214321193L;
37
38     private transient byte[] keyBytes;
39     private transient int keyType;
40     private transient boolean destroyed = false;
41
42
43     /**
44      * Constructs a KeyImpl from the given bytes.
45      *
46      * @param keyBytes the raw bytes for the secret key
47      * @param keyType the key type for the secret key as defined by the
48      * Kerberos protocol specification.
49      */
50     public KeyImpl(byte[] keyBytes,
51                int keyType) {
52     this.keyBytes = (byte[]) keyBytes.clone();
53     this.keyType = keyType;
54     }
55
56     /**
57      * Constructs a KeyImpl from a password.
58      *
59      * @param principal the principal from which to derive the salt
60      * @param password the password that should be used to compute the
61      * key.
62      * @param algorithm the name for the algorithm that this key wil be
63      * used for. This parameter may be null in which case "DES" will be
64      * assumed.
65      */
66     public KeyImpl(KerberosPrincipal JavaDoc principal,
67            char[] password,
68            String JavaDoc algorithm) {
69
70     try {
71         PrincipalName princ = new PrincipalName(principal.getName());
72         EncryptionKey key =
73         new EncryptionKey(password, princ.getSalt(),algorithm);
74         this.keyBytes = key.getBytes();
75         this.keyType = key.getEType();
76     } catch (KrbException e) {
77         throw new IllegalArgumentException JavaDoc(e.getMessage());
78     }
79     }
80
81     /**
82      * Returns the keyType for this key as defined in the Kerberos Spec.
83      */
84     public final int getKeyType() {
85     if (destroyed)
86         throw new IllegalStateException JavaDoc("This key is no longer valid");
87     return keyType;
88     }
89
90     /*
91      * Methods from java.security.Key
92      */
93     
94     public final String JavaDoc getAlgorithm() {
95     return getAlgorithmName(keyType);
96     }
97
98     private String JavaDoc getAlgorithmName(int eType) {
99     if (destroyed)
100         throw new IllegalStateException JavaDoc("This key is no longer valid");
101
102     switch (eType) {
103     case EncryptedData.ETYPE_DES_CBC_CRC:
104     case EncryptedData.ETYPE_DES_CBC_MD5:
105         return "DES";
106
107     case EncryptedData.ETYPE_DES3_CBC_HMAC_SHA1_KD:
108         return "DESede";
109
110         case EncryptedData.ETYPE_ARCFOUR_HMAC:
111             return "ArcFourHmac";
112
113     case EncryptedData.ETYPE_AES128_CTS_HMAC_SHA1_96:
114             return "AES128";
115  
116         case EncryptedData.ETYPE_AES256_CTS_HMAC_SHA1_96:
117             return "AES256";
118         
119     case EncryptedData.ETYPE_NULL:
120         return "NULL";
121
122     default:
123         throw new IllegalArgumentException JavaDoc(
124         "Unsupported encryption type: " + eType);
125     }
126     }
127     
128     public final String JavaDoc getFormat() {
129     if (destroyed)
130         throw new IllegalStateException JavaDoc("This key is no longer valid");
131     return "RAW";
132     }
133     
134     public final byte[] getEncoded() {
135     if (destroyed)
136         throw new IllegalStateException JavaDoc("This key is no longer valid");
137     return (byte[])keyBytes.clone();
138     }
139
140     public void destroy() throws DestroyFailedException JavaDoc {
141     if (!destroyed) {
142         Arrays.fill(keyBytes, (byte) 0);
143         destroyed = true;
144     }
145     }
146
147     public boolean isDestroyed() {
148     return destroyed;
149     }
150
151    /**
152     * @serialData this <code>KeyImpl</code> is serialized by
153     * writing out the ASN1 Encoded bytes of the
154     * encryption key. The ASN1 encoding is defined in
155     * RFC1510 and as follows:
156     * EncryptionKey ::= SEQUENCE {
157     * keytype[0] INTEGER,
158     * keyvalue[1] OCTET STRING
159     * }
160     **/
161
162     private synchronized void writeObject(ObjectOutputStream ois)
163         throws IOException {
164     if (destroyed) {
165        throw new IOException ("This key is no longer valid");
166     }
167
168     try {
169        ois.writeObject((new EncryptionKey(keyType,keyBytes)).asn1Encode());
170     } catch (Asn1Exception ae) {
171        throw new IOException(ae.getMessage());
172     }
173     }
174
175     private synchronized void readObject(ObjectInputStream ois)
176         throws IOException , ClassNotFoundException JavaDoc {
177     try {
178         EncryptionKey encKey = new EncryptionKey(new
179                      DerValue((byte[])ois.readObject()));
180         keyType = encKey.getEType();
181         keyBytes = encKey.getBytes();
182     } catch (Asn1Exception ae) {
183         throw new IOException (ae.getMessage());
184     }
185     }
186
187     public String JavaDoc toString() {
188     HexDumpEncoder hd = new HexDumpEncoder();
189     return new String JavaDoc("EncryptionKey: keyType=" + keyType
190                           + " keyBytes (hex dump)="
191                           + (keyBytes == null || keyBytes.length == 0 ?
192                              " Empty Key" :
193                              '\n' + hd.encode(keyBytes)
194                           + '\n'));
195
196     
197     }
198 }
199
Popular Tags